Network Basics (Information on the OSI model and others)
OSI & TCP/IP models
OSI model
The OSI (Open Systems Interconnection) model was created by the International Organization for Standardization (ISO), an international standard-setting body. It was designed to be a reference model for describing the functions of a communication system. It has seven layers, with each layer describing a different function of data traveling through a network.
Here is the graphical representation of these layers:
- Application
- Presentation
- Session
- Transport
- Network
- Datalink
- Physical
The layers are usually numbered from the last one, meaning that the Physical layer is considered to be the first layer. It is good to learn these layers, since there will certainly be a couple of questions on the CCNA exam regarding them. Most people learn the mnemonic "Please Do Not Throw Sausage Pizza Away":
- Application – Away
- Presentation – Pizza
- Session – Sausage
- Transport – Throw
- Network – Not
- Datalink – Do
- Physical – Please
So, what is the purpose of these layers?
They are most commonly used by vendors. They enable them to implement some functionality into a networking device, which then enables easier interoperability with devices from other vendors.
Here is a brief description of each of these layers.
Physical – defines how to move bits from one device to another. It details how cables, connectors and network interface cards are going to work and how to send and receive bits.
Data Link – encapsulates a packet in a frame. A frame contains a header and a trailer that enable devices to communicate. A header, most commonly, contains a source and a destination MAC address. A trailer contains the Frame Check Sequence field, which is used to detect transmission errors.
The data link layer has two sublayers:
1. Logical Link Control – used for flow control and error detection
2. Media Access Control – used for hardware addressing and controlling the access method
Network – defines device addressing, routing, and path determination. Device (logical) addressing is used to identify a host on a network (e.g. by its IP address).
Transport – segments large chunks of data received from the upper layer protocols. Establishes and terminates connections between two computers. Used for flow control and data recovery.
Session – defines how to establish and terminate a session between the two systems.
Presentation – defines data formats. Compression and encryption are defined at this layer.
Application – this layer is the closest to the user. It enables network applications to communicate with other network applications.
TCP/IP model
The TCP/IP model was created in the 1970s by the Defense Advanced Research Projects Agency (DARPA). Like the OSI model, it describes general guidelines for designing and implementing computer protocols.
It consists of four layers: Network Access, Internet, Transport, and Application.
As you can see, the TCP/IP model has fewer layers than the OSI model. The Application, Presentation, and Session layers of the OSI model are merged into only one layer, the Application layer, in the TCP/IP model. Also, the Physical and Data Link layers are called the Network Access layer in the TCP/IP model.
Differences between OSI and TCP/IP model
There are some other differences between these two models, besides the obvious difference in the number of layers. The OSI model prescribes the steps needed to transfer data over a network and is very specific about it, defining which protocol is used at each layer and how. The TCP/IP model is not that specific. It can be said that the OSI model prescribes and the TCP/IP model describes.
Encapsulation
The term “encapsulation” is used to describe a process of adding headers and trailers around some data. For example, when you send an email using your favourite email program (like Outlook or Thunderbird), that email is sent from the Application layer to the Transport layer. The Transport layer encapsulates the data and adds its own header (with its own information, such as which port will be used) and passes the data to the Internet layer, which again encapsulates the received data and adds its own header, usually with information about the source and destination IP addresses. The Internet layer then passes the data to the Network Access layer. This layer is the only layer that adds both a header and a trailer. The data is then sent through a physical network link.
Each layer adds its own information:
The term “decapsulation” refers to the process of removing headers and trailers as data passes from lower to upper layers. This process happens on a computer that is receiving data.
Frame, packet, segment
Frame – the term “frame” refers to the encapsulated data defined by the Network Access layer. A frame can have a header and a trailer that encapsulate a data section.
Packet – the term “packet” is used to describe the encapsulated data defined by the Internet layer. A packet can have a header with the source and destination IP addresses.
Segment – the term “segment” describes encapsulated data defined by the Transport layer. A segment can have a header with information such as source and destination port numbers, sequence and acknowledgment numbers, etc.
Ethernet is the most used networking technology for LANs today. It defines wiring and signaling for the Physical layer of the OSI model. For the Data Link layer, it defines frame formats and protocols.
Ethernet is described as the IEEE 802.3 standard. It uses the Carrier Sense Multiple Access with Collision Detection (CSMA/CD) access method and supports speeds up to 100 Gbps. It can use coaxial, twisted pair and fiber optic cables. Ethernet uses frames with source and destination MAC addresses to deliver data.
Ethernet frame
We have already learned that encapsulated data defined by the Network Access layer is called an Ethernet frame. An Ethernet frame starts with a header, which contains the source and destination MAC addresses, among other data. The middle part of the frame is the actual data. The frame ends with a field called Frame Check Sequence (FCS).
The Ethernet frame structure is defined in the IEEE 802.3 standard. Here is a graphical representation of an Ethernet frame and a description of each field in the frame:
· Preamble – informs the receiving system that a frame is starting and enables synchronisation.
· SFD (Start Frame Delimiter) – signifies that the Destination MAC Address field begins with the next byte.
· Destination MAC – identifies the receiving system.
· Source MAC – identifies the sending system.
· Type – defines the type of protocol inside the frame, for example IPv4 or IPv6.
· Data and Pad – contains the payload data. Padding data is added to meet the minimum length requirement for this field (46 bytes).
· FCS (Frame Check Sequence) – contains a 32-bit Cyclic Redundancy Check (CRC) which allows detection of corrupted data.
MAC & IP addresses
MAC address
A Media Access Control (MAC) address is a 48-bit address that is used for communication between two hosts in an Ethernet environment. It is a hardware address, which means that it is stored in the firmware of the network card.
A MAC address is supposed to be globally unique. Each network card vendor gets its share of addresses (represented by the first 24 bits).
D8-D3-85-EB-12-E3
Every hexadecimal character represents 4 bits, so the first six hexadecimal characters represent the vendor (in this case, Hewlett Packard).
How to find out your own MAC address?
If you are using Windows, enter the Command Prompt (Start – Programs – Accessories – Command Prompt). Type the ipconfig /all command and you should see a field called Physical address under the Ethernet adapter settings:
If you are using Linux, type the ifconfig command. You should see your MAC address referred to as HWaddr.
IP address
An IP address is a 32-bit number that identifies a host on a network. It is usually written in the form of four decimal numbers separated by periods (e.g. 10.0.50.1).
In contrast to a MAC address, an IP address is a logical address. Any device that wants to communicate with another device using TCP/IP needs to have an IP address. It can be configured manually or it can be obtained from a DHCP server.
The term “IP address” is usually used for IPv4, which is the fourth version of the IP protocol. A newer version exists, IPv6, and uses 128-bit addressing.
Private IP addresses
There are three ranges of addresses that can be used in a private network (e.g. your home LAN). These addresses are not routable through the Internet.
Private address ranges:
10.0.0.0 – 10.255.255.255
172.16.0.0 – 172.31.255.255
192.168.0.0 – 192.168.255.255
How to find out your IP address
Windows users:
Enter the Command Prompt (Start – Programs – Accessories – Command Prompt).
Linux users:
Enter ifconfig. You should see a field called inet addr:
Unicast, multicast, and broadcast addresses
There are three types of Ethernet addresses:
· unicast addresses – represent a single LAN interface. A unicast frame will be sent to a specific device, not to a group of devices on the LAN.
· multicast addresses – represent a group of devices in a LAN. A frame sent to a multicast address will be forwarded to a group of devices on the LAN.
· broadcast addresses – represent all devices on the LAN. Frames sent to a broadcast address will be delivered to all devices on the LAN.
The broadcast address has the value of FFFF.FFFF.FFFF (all binary ones). The switch will flood broadcast frames out all ports except the port that it was received on.
Multicast frames have a value of 1 in the least-significant bit of the first octet of the destination address. This helps a network switch to distinguish between unicast and multicast addresses. One example of an Ethernet multicast address would be 01:00:0C:CC:CC:CC, which is an address used by CDP (Cisco Discovery Protocol).
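The frame fields from the Ethernet frame section and the address types above can be seen together in a short parser. This is an added example, not code from the original page; it assumes the frame starts at the destination MAC (preamble and SFD already stripped, as a network card does before handing the frame to software) and still carries its FCS, and the sample frames are constructed.

```python
import struct
import zlib

MIN_PAYLOAD = 46  # minimum "Data and Pad" length given on the page
ETHERTYPES = {0x0800: "IPv4", 0x86DD: "IPv6", 0x0806: "ARP"}


def mac_str(raw):
    return ":".join(f"{b:02X}" for b in raw)


def address_type(mac):
    """Classify a destination MAC as broadcast, multicast or unicast."""
    if mac == b"\xff" * 6:
        return "broadcast"
    # A 1 in the least-significant bit of the first octet marks a group address.
    return "multicast" if mac[0] & 0x01 else "unicast"


def fcs(data):
    # CRC-32 over destination MAC .. end of padding, least-significant byte first.
    return struct.pack("<I", zlib.crc32(data))


def build_frame(dst, src, ethertype, payload):
    """Header + padded payload + FCS (preamble and SFD are left out)."""
    body = dst + src + struct.pack("!H", ethertype) + payload.ljust(MIN_PAYLOAD, b"\x00")
    return body + fcs(body)


def parse_frame(frame):
    """Split a frame into the fields listed on the page and check its FCS."""
    if len(frame) < 14 + MIN_PAYLOAD + 4:
        raise ValueError("frame shorter than header + 46-byte payload + FCS")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    return {
        "dst": mac_str(frame[0:6]),
        "src": mac_str(frame[6:12]),
        "dst_type": address_type(frame[0:6]),
        "type": ETHERTYPES.get(ethertype, hex(ethertype)),
        "payload": frame[14:-4],
        "fcs_ok": fcs(frame[:-4]) == frame[-4:],
    }


def demo():
    src = bytes.fromhex("D8D385EB12E3")  # the example MAC address from the page
    good = build_frame(b"\xff" * 6, src, 0x0806, b"constructed payload")
    damaged = bytearray(good)
    damaged[20] ^= 0x01  # one bit flipped in transit
    return parse_frame(good), parse_frame(bytes(damaged))


if __name__ == "__main__":
    for result in demo():
        print(result)
```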
Network devices
Hubs
A hub serves as a central point to which all of the hosts in a network connect. It is an OSI layer 1 device. It receives a signal from one port and sends it out to all other ports. Sometimes it is called a multiport repeater.
Today, these devices are considered obsolete and switches are commonly used instead. Hubs have numerous disadvantages. They are not aware of the traffic that passes through them. They create only one large collision domain. A hub typically operates in half duplex. There is also a security issue with hubs since the traffic is forwarded to all ports (except the source port), which makes it possible to capture all traffic on a network with a network sniffer!
Switches
Like a hub, a switch is used to connect multiple hosts together, but it has many advantages over a hub. A switch is an OSI Layer 2 device, which means that it can inspect received traffic and make forwarding decisions. Each port on a switch is a separate collision domain and can run in full duplex mode.
How switches work
Let’s take a look at the following example:
Host A is trying to communicate with Host B and sends a packet. The packet arrives at the switch, which looks at the destination MAC address. The switch then searches for that address in its MAC address table. If the MAC address is found, the switch forwards the packet only to the port that is connected to the frame’s destination. If the MAC address is not found, the switch will flood the frame out all other ports. To learn which MAC address is associated with which port, switches examine the source MAC addresses of received packets and store those MAC addresses in their MAC address table.
What is a MAC address table?
A MAC address table lists which MAC address is connected to which port. It is used by switches to make forwarding decisions. The table is populated by examining the source MAC address of the incoming packet. If the source MAC address of a packet is not present in the table, the switch adds an entry to its MAC address table.
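The learn, forward and flood behaviour described above can be traced with a small model of a switch. This is an added example, not code from the original page; the port names and host MAC addresses are constructed for illustration.

```python
BROADCAST = "FF:FF:FF:FF:FF:FF"


class LearningSwitch:
    """Minimal model of the learn / forward / flood behaviour described above."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # MAC address -> port it was last seen on

    def receive(self, in_port, src_mac, dst_mac):
        """Handle one frame and return the ports it is sent out of."""
        src, dst = src_mac.upper(), dst_mac.upper()
        # Learning: the source MAC tells the switch who is behind in_port.
        self.mac_table[src] = in_port
        all_but_ingress = [p for p in self.ports if p != in_port]
        if dst == BROADCAST:
            return all_but_ingress  # broadcast: always flooded
        out_port = self.mac_table.get(dst)
        if out_port is None:
            return all_but_ingress  # destination not in the table: flooded
        if out_port == in_port:
            return []  # destination is behind the ingress port: nothing to forward
        return [out_port]  # destination in the table: one port only


def demo():
    # Constructed topology: host A on Fa0/1, host B on Fa0/2, Fa0/3 unused so far.
    host_a, host_b = "02:00:00:00:00:0A", "02:00:00:00:00:0B"
    sw = LearningSwitch(["Fa0/1", "Fa0/2", "Fa0/3"])
    steps = [
        sw.receive("Fa0/1", host_a, host_b),     # B not learned yet -> flood
        sw.receive("Fa0/2", host_b, host_a),     # A already learned -> Fa0/1 only
        sw.receive("Fa0/1", host_a, host_b),     # B now learned -> Fa0/2 only
        sw.receive("Fa0/1", host_a, BROADCAST),  # broadcast -> flood
    ]
    return steps, dict(sw.mac_table)


if __name__ == "__main__":
    steps, table = demo()
    for out_ports in steps:
        print(out_ports)
    print(table)
```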
Difference between a switch and a bridge
A switch is sometimes called a multiport bridge, but there are differences between these two devices. A bridge usually has fewer ports than a switch. A switch operates faster because it is hardware-based, which means that it uses chips (ASICs) when making forwarding decisions. In contrast, a bridge is software-based. A switch can also have multiple spanning-tree instances while a bridge can have only one. Switches can also have multiple broadcast domains, one per VLAN.
Routers
A router is a device that routes packets from one network to another. A router is most commonly an OSI Layer 3 device. Routers divide broadcast domains and have traffic filtering capabilities.
The picture below shows a typical home router:
How routers work
A router uses IP addresses to figure out where to send packets. If two hosts from different networks want to communicate, they will need a router between them to route packets.
For example, check the following scenario:
Host A and host B are on different networks. If host A wants to communicate with host B, it will have to send a packet to the router. The router receives the packet and checks the destination IP address. If the destination IP address is in the routing table, the router will forward the packet out the interface associated with that network.
What is a routing table?
A routing table lists a route for every network that a router can reach. It can be statically configured (using IOS commands) or dynamically learned (using a routing protocol). It is used by routers when deciding where to forward packets.
The command to display an IP routing table is show ip route. In the picture above, you can see that this router has two directly connected subnets. Let’s take a closer look at the first entry in the routing table:
“C” means that the route is a directly connected route. The network in question is 10.0.0.0/8, and the router will forward each packet destined for that network out interface FastEthernet0/1.
NOTE – in Windows, you can use the netstat -r command to display the routing table of your system.
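The lookup a router performs against its routing table can be sketched as follows. This is an added example, not code from the original page, and it goes one step beyond the text by choosing the most specific (longest-prefix) route when several match; only the 10.0.0.0/8 entry comes from the page, the other routes and all destination addresses are constructed.

```python
import ipaddress


class RoutingTable:
    def __init__(self):
        self.routes = []  # list of (network, code, outgoing interface)

    def add(self, prefix, code, interface):
        self.routes.append((ipaddress.ip_network(prefix), code, interface))

    def lookup(self, destination):
        """Return (prefix, code, interface) for the best route, or None."""
        addr = ipaddress.ip_address(destination)
        matches = [r for r in self.routes if addr in r[0]]
        if not matches:
            return None  # no matching route and no default route: packet is dropped
        # Several routes can contain the address; the longest prefix wins.
        net, code, interface = max(matches, key=lambda r: r[0].prefixlen)
        return str(net), code, interface


def build_table():
    table = RoutingTable()
    table.add("10.0.0.0/8", "C", "FastEthernet0/1")      # entry discussed on the page
    table.add("192.168.1.0/24", "C", "FastEthernet0/0")  # constructed connected subnet
    table.add("172.16.0.0/16", "S", "FastEthernet0/0")   # constructed static route
    table.add("172.16.5.0/24", "S", "FastEthernet0/1")   # constructed, more specific
    return table


def demo():
    table = build_table()
    destinations = ["10.20.30.40", "172.16.5.9", "172.16.9.9", "203.0.113.10"]
    return {dst: table.lookup(dst) for dst in destinations}


if __name__ == "__main__":
    for dst, route in demo().items():
        print(dst, "->", route)
```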
Half duplex and full duplex
In telecommunication, a duplex communication system is a point-to-point system of two devices that can communicate with each other in both directions. These two types of duplex communication systems exist in Ethernet environments:
· half-duplex – a port can send data only when it is not receiving data. In other words, it cannot send and receive data at the same time. Network hubs run in half-duplex mode in order to prevent collisions. Since hubs are rare in modern LANs, the half-duplex system is not widely used in Ethernet networks anymore.
· full-duplex – all nodes can send and receive on their port at the same time. There are no collisions in full-duplex mode, but the host NIC and the switch port must support the full-duplex mode. Full-duplex Ethernet uses two pairs of wires at the same time instead of a single wire pair like half-duplex.
NOTE – each NIC and switch port has a duplex setting. For all links between hosts and switches, or between switches, the full-duplex mode should be used. However, for all links connected to a LAN hub, the half-duplex mode should be used in order to prevent a duplex mismatch that could decrease network performance.
IEEE Ethernet standards
Ethernet is defined in a number of IEEE (Institute of Electrical and Electronics Engineers) 802.3 standards. These standards define the physical and data-link layer specifications for Ethernet. The most important 802.3 standards are:
· 10Base-T (IEEE 802.3) – 10 Mbps with category 3 unshielded twisted pair (UTP) wiring, up to 100 meters long.
· 100Base-TX (IEEE 802.3u) – known as Fast Ethernet, uses category 5, 5E, or 6 UTP wiring, up to 100 meters long.
· 100Base-FX (IEEE 802.3u) – a version of Fast Ethernet that uses multi-mode optical fiber. Up to 412 meters long.
· 1000Base-CX (IEEE 802.3z) – uses copper twisted-pair cabling. Up to 25 meters long.
· 1000Base-T (IEEE 802.3ab) – Gigabit Ethernet that uses Category 5 UTP wiring. Up to 100 meters long.
· 1000Base-SX (IEEE 802.3z) – 1 Gigabit Ethernet running over multimode fiber-optic cable.
· 1000Base-LX (IEEE 802.3z) – 1 Gigabit Ethernet running over single-mode fiber.
· 10GBase-T (IEEE 802.3an) – 10 Gbps connections over category 5e, 6, and 7 UTP cables.
Notice how the first number in the name of the standard represents the speed of the network in megabits per second. The word base refers to baseband, meaning that the signals are transmitted without modulation. The last part of the standard name refers to the cabling used to carry signals. For example, 1000Base-T means that the speed of the network is up to 1000 Mbps, baseband signaling is used, and the twisted-pair cabling will be used (T stands for twisted-pair).
Cisco three-layer hierarchical model
Because networks can be extremely complicated, with multiple protocols and diverse technologies, Cisco has developed a layered hierarchical model for designing a reliable network infrastructure. This three-layer model helps you design, implement, and maintain a scalable, reliable, and cost-effective network. Each of the layers has its own features and functionality, which reduces network complexity.
Here is a description of each layer:
· Access – controls user and workgroup access to the resources on the network. This layer usually incorporates Layer 2 switches and access points that provide connectivity between workstations and servers. You can manage access control and policy, create separate collision domains, and implement port security at this layer.
· Distribution – serves as the communication point between the access layer and the core. Its primary function is to provide routing, filtering, and WAN access and to determine how packets can access the core. This layer determines the fastest way that network service requests are accessed – for example, how a file request is forwarded to a server – and, if necessary, forwards the request to the core layer. This layer usually consists of routers and multilayer switches.
· Core – also referred to as the network backbone, this layer is responsible for transporting large amounts of traffic quickly. The core layer provides interconnectivity between distribution layer devices. It usually consists of high speed devices, like high end routers and switches with redundant links.